这是什么毒？Ghost系统里自带的！！！

显示全部楼层 · 发表于 2009-8-21 09:17:40

C:\Documents and Settings\Hzz\桌面\vsncp106.exe - 可能是 Win32/Agent 特洛伊木马的变种
nod32 4.0 4351

显示全部楼层 · 发表于 2009-8-21 09:20:53

to RISING

VirSCAN.org Scanned Report :
Scanned time : 2009/08/21 09:14:49 (CST)
Scanner results: 43%的杀软(16/37)报告发现病毒
File Name    : vsncp106.rar
File Size    : 10509 byte
File Type    : RAR archive data, v1d, os
MD5          : 686316b4856bf1329bf10dacb953339a
SHA1          : d6e9bb5c1bfe59f214747e50f1a75b793f26711a
Online report  : http://virscan.org/report/648027362a681cd0bc429319029f8d2d.html
Scanner       Engine Ver    Sig Ver          Sig Date Time Scan result
a-squared    4.5.0.8       20090820220213 2009-08-20  0.36 Trojan.Snapshotvw.A!IK
安博士V3    2009.08.21.00 2009.08.21       2009-08-21  1.06 -
AntiVir       8.2.1.3       7.1.5.143       2009-08-20  0.28 TR/SnapshotVw.A
安天          2.0.18       20090819.2718903  2009-08-19  0.12 Virus/Win32.Downloader.ax
Arcavir       2009          200908201624    2009-08-20  0.04 -
Authentium    5.1.1          200908191809    2009-08-19  1.17 -
AVAST!       4.7.4          090820-0       2009-08-20  0.01 Win32:Trojan-gen {Other}
AVG          8.5.288       270.13.63/2316 2009-08-21  0.40 -
BitDefender 7.81008.3911257 7.27255          2009-08-21  3.34 Trojan.Snapshotvw.A
CA (VET)    9.0.0.143    31.6.6688       2009-08-20  2.99 -
ClamAV       0.95.2       9722             2009-08-20  0.01 -
Comodo       3.10          2039             2009-08-20  1.37 UnclassifiedMalware
CP Secure    1.1.0.715    2009.08.21       2009-08-21  12.20  -
Dr.Web       4.44.0.9170    2009.08.20       2009-08-20  5.19 -
F-Prot       4.4.4.56       20090820       2009-08-20  1.19 -
F-Secure    7.02.73807    2009.08.21.01    2009-08-21  0.12 -
飞塔          2.81-3.120    10.738          2009-08-20  0.31 W32/ZEROML.BC!tr
GData       19.7278/19.446  20090821       2009-08-21  5.59 Win32:Trojan-gen {Other} [Engine:B]
ViRobot       20090820       2009.08.20       2009-08-20  0.43 -
Ikarus       T3.1.01.68    2009.08.20.73323  2009-08-20  3.54 Trojan.Snapshotvw.A
江民杀毒    11.0.800       2009.08.20       2009-08-20  4.20 -
卡巴斯基    5.5.10       2009.08.20       2009-08-20  0.09 -
金山毒霸    2009.2.5.15    2009.8.20.18    2009-08-20  0.49 -
迈克菲       5.3.00       5715             2009-08-20  3.07 Generic.dx
Microsoft    1.4903       2009.08.21       2009-08-21  6.13 -
Norman       6.01.09       6.01.00          2009-08-17  4.01 W32/Smalltroj.DEHK
熊猫卫士    9.05.01       2009.08.20       2009-08-20  1.79 Trj/SnapshotVw.A
趋势科技    8.700-1004    6.382.02       2009-08-20  0.02 TROJ_ZEROML.BC
Quick Heal    10.00          2009.08.20       2009-08-20  1.34 -
瑞星          20.0          21.43.34.00    2009-08-20  1.02 -
Sophos       2.89.1       4.44             2009-08-21  3.19 Mal/Generic-A
Sunbelt       5346          5346             2009-08-20  1.48 -
赛门铁克    1.3.0.24       20090820.003    2009-08-20  0.09 Trojan Horse
nProtect    20090818.01    5093763          2009-08-18  6.01 Trojan/W32.Snapshotvw.32768
The Hacker    6.3.4.3       v00384          2009-08-20  0.66 -
VBA32       3.12.10.9    20090820.1248    2009-08-20  1.84 -
VirusBuster 4.5.11.10    10.112.11/1801294 2009-08-21  2.21 -

文件 vsncp106.rar 接收于 2009.08.21 01:31:54 (UTC)

反病毒引擎	版本	最后更新	扫描结果
a-squared	4.5.0.24	2009.08.21	Trojan.Snapshotvw.A!IK
AhnLab-V3	5.0.0.2	2009.08.20	-
AntiVir	7.9.1.3	2009.08.20	TR/SnapshotVw.A
Antiy-AVL	2.0.3.7	2009.08.20	Virus/Win32.Downloader.gen
Authentium	5.1.2.4	2009.08.20	-
Avast	4.8.1335.0	2009.08.20	Win32:Trojan-gen {Other}
AVG	8.5.0.406	2009.08.21	-
BitDefender	7.2	2009.08.21	Trojan.Snapshotvw.A
CAT-QuickHeal	10.00	2009.08.20	Trojan.Agent.ATV
ClamAV	0.94.1	2009.08.20	-
Comodo	2039	2009.08.21	UnclassifiedMalware
DrWeb	5.0.0.12182	2009.08.21	-
eSafe	7.0.17.0	2009.08.20	Win32.TrojanHorse
eTrust-Vet	31.6.6691	2009.08.20	-
F-Prot	4.4.4.56	2009.08.20	-
F-Secure	8.0.14470.0	2009.08.21	-
Fortinet	3.120.0.0	2009.08.21	W32/ZEROML.BC!tr
GData	19	2009.08.21	Trojan.Snapshotvw.A
Ikarus	T3.1.1.68.0	2009.08.21	Trojan.Snapshotvw.A
Jiangmin	11.0.800	2009.08.20	-
K7AntiVirus	7.10.823	2009.08.20	Trojan.Win32.Malware.1
Kaspersky	7.0.0.125	2009.08.21	-
McAfee	5715	2009.08.20	Generic.dx
McAfee+Artemis	5715	2009.08.20	Generic.dx
McAfee-GW-Edition	6.8.5	2009.08.20	Trojan.SnapshotVw.A
Microsoft	1.4903	2009.08.20	-
NOD32	4353	2009.08.20	probably a variant of Win32/Agent
Norman	6.01.09	2009.08.20	W32/Smalltroj.DEHK
nProtect	2009.1.8.0	2009.08.20	-
Panda	10.0.0.14	2009.08.20	Trj/SnapshotVw.A
PCTools	4.4.2.0	2009.08.20	-
Prevx	3.0	2009.08.21	Medium Risk Malware
Rising	21.43.34.00	2009.08.20	-
Sophos	4.44.0	2009.08.21	Mal/Generic-A
Sunbelt	3.2.1858.2	2009.08.20	-
Symantec	1.4.4.12	2009.08.21	Trojan Horse
TheHacker	6.3.4.3.384	2009.08.21	-
TrendMicro	8.950.0.1094	2009.08.20	TROJ_ZEROML.BC
VBA32	3.12.10.9	2009.08.20	-
ViRobot	2009.8.20.1893	2009.08.20	-
VirusBuster	4.6.5.0	2009.08.20	-

附加信息
File size: 10509 bytes
MD5...: 686316b4856bf1329bf10dacb953339a
SHA1..: d6e9bb5c1bfe59f214747e50f1a75b793f26711a
SHA256: 4b0148b6853411bec58b24ff877724b92dbcd6dff3648dd7ccee6e64d743cded
ssdeep: 192:K6uQOxAaBQdvC5u/wCpSLQOZ9wtEIe17r8H39vqltKZT8bIljvmMOkFRmZ:K<BR>PdxvWdvCI4PNZ9wtEIgI9vqETjuMOkM<BR>
PEiD..: -
TrID..: File type identification<BR>RAR Archive (83.3%)<BR>REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set<BR>-
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=9B96FD9400E9F26B80C1006D20A05C00F62FE4DA' target='_blank'>http://info.prevx.com/aboutprogr ... C00F62FE4DA&lt;/a>
packers (Antiy-AVL): Armadillo 1.71

http://www.virustotal.com/zh-cn/analisis/4b0148b6853411bec58b24ff877724b92dbcd6dff3648dd7ccee6e64d743cded-1250818314

[ 本帖最后由 qihuakai 于 2009-8-21 09:24 编辑 ]

显示全部楼层 · 发表于 2009-8-21 09:43:13

to mp

显示全部楼层 · 发表于 2009-8-21 10:10:33

卡巴 miss

显示全部楼层 · 发表于 2009-8-21 12:09:00

nod32过

显示全部楼层 · 发表于 2009-8-21 14:35:24

小红伞KILL··

显示全部楼层 · 发表于 2009-8-22 01:40:48

To KL

[病毒样本] 这是什么毒？Ghost系统里自带的！！！

本帖子中包含更多资源